# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=lxc
pkgver=6.0.0
_pkgver=${pkgver/_rc/.rc}
pkgrel=3
pkgdesc="Userspace interface for the Linux kernel containment features"
url="https://linuxcontainers.org/lxc/"
arch="all"
license="LGPL-2.1-or-later"
makedepends="
	dbus-dev
	docbook2x
	libapparmor-dev
	libcap-dev
	libcap-static
	libseccomp-dev
	linux-headers
	linux-pam-dev
	meson
	"
subpackages="
	$pkgname-dbg
	$pkgname-dev
	$pkgname-doc
	$pkgname-openrc
	$pkgname-lvm::noarch
	$pkgname-test-utils:_test_utils
	$pkgname-libs
	$pkgname-bridge::noarch
	$pkgname-bash-completion
	$pkgname-pam
	$pkgname-download:_download:noarch
	$pkgname-templates-oci:templates_oci:noarch
	$pkgname-templates::noarch
	$pkgname-user-nic:_user_nic
	"
source="https://linuxcontainers.org/downloads/lxc/lxc-$_pkgver.tar.gz
	lxc-top-cgroupv2.patch
	lxc.initd
	lxc.confd
	"
# no buildtime tests
options="!check suid"

# secfixes:
#   5.0.1-r2:
#     - CVE-2022-47952
#   3.1.0-r1:
#     - CVE-2019-5736
#   2.1.1-r9:
#     - CVE-2018-6556

_tmpldir="usr/share/lxc/templates"

build() {
	case "$CARCH" in
	riscv64)
		local lto=false
		;;
	*)
		local lto=true
		;;
	esac
	abuild-meson \
		-Db_lto=$lto \
		-Ddistrosysconfdir=/etc/default \
		-Dpam-cgroup=true \
		-Dtests=true \
		-Dinit-script="[]" \
		. output

	meson compile -C output
}

package() {
	DESTDIR="$pkgdir" meson install --no-rebuild -C output

	install -Dm755 "$srcdir"/lxc.initd "$pkgdir"/etc/init.d/lxc
	install -Dm644 "$srcdir"/lxc.confd "$pkgdir"/etc/conf.d/lxc
	install -d "$pkgdir"/var/lib/lxc

	# Remove useless config for SysVinit.
	rm -r "$pkgdir"/etc/default

	# they install this to libdir, but the other things are in /usr/lib
	# so we can't change it
	mkdir -p "$pkgdir"/lib
	mv "$pkgdir"/usr/lib/security "$pkgdir"/lib
}

lvm() {
	pkgdesc="LVM support for LXC"
	depends="$pkgname=$pkgver-r$pkgrel lvm2 util-linux"
	install_if="$pkgname=$pkgver-r$pkgrel lvm2"
	mkdir "$subpkgdir"
}

_test_utils() {
	pkgdesc="Runtime testing utilities for LXC"

	amove usr/bin/lxc-test-*
}

_py3() {
	pkgdesc="Python3 module for LXC"
	depends="python3"

	amove usr/lib/python3*
}

_download() {
	pkgdesc="LXC container image downloader template"
	depends="$pkgname gpg gnupg-dirmngr tar wget"

	amove $_tmpldir/lxc-download
}

templates() {
	pkgdesc="Templates for LXC (except alpine and download)"
	depends="tar"

	amove $_tmpldir/*
}

templates_oci() {
	pkgdesc="OCI Template for LXC"
	depends="bash jq"

	amove $_tmpldir/lxc-oci
}

pam() {
	pkgdesc="PAM module for LXC"

	amove lib/security
}

dev() {
	default_dev
	# fix abuild smartness
	mv "$subpkgdir"/usr/bin/lxc-config "$pkgdir"/usr/bin/
	mv "$subpkgdir"/usr/bin/lxc-update-config "$pkgdir"/usr/bin/
}

bridge() {
	depends="dnsmasq"
	pkgdesc="Bridge interface for LXC with dhcp"
	mkdir -p "$subpkgdir"/etc/conf.d \
		"$subpkgdir"/etc/init.d \
		"$subpkgdir"/etc/lxc

	ln -s dnsmasq "$subpkgdir"/etc/init.d/dnsmasq.lxcbr0
	cat >>"$subpkgdir"/etc/conf.d/dnsmasq.lxcbr0 <<- EOF
		rc_before="lxc"
		BRIDGE_ADDR="10.0.3.1"
		BRIDGE_NETMASK="255.255.255.0"
		BRIDGE_NETWORK="10.0.3.0/24"
		BRIDGE_DHCP_RANGE="10.0.3.2,10.0.3.254"
		BRIDGE_DHCP_MAX="253"
		BRIDGE_MAC="00:16:3e:00:00:00"
		DNSMASQ_CONFFILE="/etc/lxc/dnsmasq.conf"
	EOF
	cat >>"$subpkgdir"/etc/lxc/dnsmasq.conf <<- EOF
		#dhcp-host=somehost,10.0.3.3
		#dhcp-host=otherhost,10.0.3.4
	EOF
}

_user_nic() {
	pkgdesc="suid helper to manage LXC network interfaces as unprivileged user"

	amove usr/libexec/lxc/lxc-user-nic
}

sha512sums="
acff2fc70cf2c65af37b70a21239482c3d845c408f7132558b54980e4400c23670c63178a3a3dfb239f047f529004df93cd829d728852a8c8647ce6babf7857f  lxc-6.0.0.tar.gz
e7b7a443a71804f21e6225bed98310ccf2cad1a5bc2b9ad397e7d79fcfab6216e10ce02e249fbc0e6df2cfbe13e03320d9690db502027ae008a6f48218b81d17  lxc-top-cgroupv2.patch
db71783366277a68a5c8116604cf845da4780fe4aebdb5820ae2c4fe028cfe52a9c94246db362476f2f195be6a9c2b835edbe521423f116fc66eb50023d6daab  lxc.initd
91de43db5369a9e10102933514d674e9c875218a1ff2910dd882e5b9c308f9e430deacb13d1d7e0b2ed1ef682d0bb035aa6f8a6738f54fa2ca3a05acce04e467  lxc.confd
"
